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- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
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Disposition of Claims 
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application from the International Bureau (PCT Rule 17.2(a)). 
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Attachment(s) 

1) M Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) Paper No(s). . 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) 5) □ Notice of Informal Patent Application (PTO-152) 

3) □ Information Disclosure Statement(s) (PTO-1449) Paper No(s) . 6) □ Other: 



U.S. Patent and Trademark Office 
PTO-326 (Rev. 04-01) 



Office Action Summary 



Part of Paper No. 20040902 



Application/Control Number: 09/456,692 
Art Unit: 2136 



Page 2 



DETAILED ACTION 

Response to Arguments 

1 . In response to communications filed on 8/9/2004 for Request to Continue Examination, 
Applicant cancels claims 1-106 and adds claims 107-164. The following claims 107-164 are 
presented for examination, 

2. Applicant's remarks, page 13, filed on 8/9/2004, with respect to the addition of new 
claims 107-164 have been fully considered, however the specification fails to disclose every 
claim limitation as claimed (see for example 1 12 rejection below). A new ground of rejection is 
made in view of Bhagwat. Bagwat discloses comparing security token to determine whether 
connection should be coupled and further discloses creating a socket connection and relaying 
connections. 

Drawings 

3. Fig. 1 is objected to as failing to comply with 37 CFR 1 .84(p)(5) because it does not 
include the reference signs 131, 132,146, and 147, mentioned in the description on p.2. A 
proposed drawing correction or corrected drawings are required in reply to the Office action to 
avoid abandonment of the application. The objection to the drawings will not be held in 
abeyance. 
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Claim Rejections - 35 USC § 112 

4. The following is a quotation of the first paragraph of 35 U.S.C 112: 

The specification shall contain a written description of the invention, and of the manner and process of making 
and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it 
pertains, or with which it is most nearly connected, to make and use the same and shall set forth the best mode 
contemplated by the inventor of carrying out his invention. 

Claims 107, 131 , 148 and 125, 145, and 162 are rejected under 35 U.S.C. 112, first paragraph, as 
failing to comply with the written description requirement. The claim contains subject matter, 
which was not described in the specification in such a way as to reasonably convey to one skilled 
in the relevant art that the inventor(s), at the time the application was filed, had possession of the 
claimed invention. The Applicant fails to recite creating a socket associated with the first 
connection and the first security token if none of the security associated tokens match. The 
specification, on the other hand, describes that termination is disconnected or remains open. 

Claim Objections 

5. Claims 148, 150-162, 164 and the intervening claims are objected to because of the 
following informalities: the term "adapted to" is not a positive limitation and should be 
corrected. Appropriate correction is required. See MPEP § 2106. 

Claim Rejections- 35 USC § 101 

6. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or 
composition of matter, or any new and useful improvement thereof, may obtain a patent 
therefor, subject to the conditions and requirements of this title. 
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Claims 148-164 are rejected under 35 U.S. C. 101 because the claimed invention is 
directed to non-statutory subject matter. The computer program product recited in these claims 
is not embodied in a computer hardware or not properly claimed. See MPEP § 2106. 



Claim Rejections - 35 USC§102 
7. The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form 
the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another 
filed in the United States before the invention thereof by the applicant for patent, or on an 
international application by another who has fulfilled the requirements of paragraphs (1), (2), and 
(4) of section 371(c) of this title before the invention thereof by the applicant for patent. 

The changes made to 35 U.S. C. 102(e) by the American Inventors Protection Act of 1999 
(AIPA) and the Intellectual Property and High Technology Technical Amendments Act of 2002 
do not apply when the reference is a U.S. patent resulting directly or indirectly from an 
international application filed before November 29, 2000. Therefore, the prior art date of the 
reference is determined under 35 U.S.C. 102(e) prior to the amendment by the AIPA (pre-AIPA 
35U.S.C. 102(e)). 

7. 1 Claims 107-127 and 131-164 are rejected under 35 U.S.C. 102(e) as being anticipated by 
US Patent 5,941,988 to Bhagwat et aL. 
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7 2 As per claims 107-108, 131-132, and 148-149, Bhagwat et al. discloses a method 
comprising: providing a plurality of sockets, wherein each socket has an associated connection 
and an associated security token; receiving a first connection and a first security token, for 
example (see column 3, line 63 through column 4, line 8; column 5, lines 5-40); comparing the 
first security token with the associated security tokens, for example (column 7, lines 10-55 and 
column 8, lines 40 et seq. and column 4, lines 22-37 and column 12, line 33-55); in response to 
said comparing, if none of the associated security tokens match the first security token, creating a 
socket associated with the first connection and the first security token, for example (see column 
7, lines 10-55 and column 8, lines 40 et seq. and column 4, lines 22-37). 

As per claims 109, 111, 133, 135, 150, and 152, Bhagwat et al. discloses the limitation 
of further comprising: in response to said comparing, if the first security token and a security 
token associated with one of the plurality of sockets match, coupling the first connection to the 
connection associated with the socket, for example (see column 5, lines 5-20). 

As per claims 110, 134, and 151, Bhagwat et al. discloses the limitation of further 
comprising: in response to said comparing, if none of the associated security tokens match the 
first security token, upon a determination that the first connection is not to be associated with a 
socket, disconnecting the first connection, for example (see column 12, lines 25-37). 
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As per claims 112, 136, and 153, Bhagwat et al. discloses the limitation of 
wherein the coupling the first connection to the connection associated with the socket comprises: 
creating a single connection comprising the first connection and the connection associated with 
the socket, for example (see column 5, lines 5-20 and column 7, lines 26-56). 

As per claims 113-114, 137-138, and 154-155, Bhagwat et al. discloses the limitation 
of further comprising: decoupling the first connection and the connection associated with the 
socket, wherein the decoupling occurs upon one of failure and disconnect of one of the first 
connection and the connection associated with the socket, for example (see column 12, lines 25- 
37 and column 9, line 55 et seq.). 

As per claims 115, 139, and 156, Bhagwat et al. discloses the limitation of wherein the 
first connection is transmitted through a first firewall program, for example (see column 1, lines 
45-67 and column 5, lines 5-20). 

As per claim 116, Bhagwat et al. discloses a proxy that can create a connection that 
meets the recitation of the limitation of wherein the first connection is created by a protocol 
daemon, for example (see column 7, lines 26-45). 

As per claim 117, Bhagwat et al. discloses wherein a second connection connects the 
protocol daemon to a first program, and the protocol daemon couples the first connection to the 
second connection, for example (see column 7, lines 26-56). 
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As per claim 118, Bhagwat et al. discloses wherein the protocol daemon relays a data 
stream between the first connection and the second connection, for example (see column 7, lines 
26-56). 

As per claim 119, Bhagwat et al. discloses wherein the first program provides the first 
security token, for example (see column 3, line 63 through column 4, line 8). 

As per claims 120, 140, and 157, Bhagwat et al. discloses a method comprising: 
creating a first connection to a first program; receiving a first security token from the first 
program; creating a second connection to a relay program; providing the first security token to 
the relay program, for example (see column 3, line 63 through column 4, line 8; column 5, lines 
5-40 and column 7, lines 26-45); and upon successful creation of the second connection, 
coupling the first connection to the second connection, for example (see column 3, line 63 
through column 4, line 8; column 5, lines 5-40; and column 7, lines 26-45). 

As per claims 121, 141, and 158, Bhagwat et al discloses the limitation of wherein the 
second connection is transmitted through a firewall program, for example (see column 3, line 63 
through column 4, line 8; column 5, lines 5-40; and column 7, lines 26-45). 

As per claims 122, 142, and 159, Bhagwat et al. discloses the limitation of further 
comprising: relaying a data stream between the first connection and the second connection, for 
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example (see column 3, line 63 through column 4, line 8; column 5, lines 5-40 and column 7, 
lines 26-45). 

As per claims 123, 143, and 160, Bhagwat et aL discloses the limitation of wherein the 
first security token is one of a password, a network address, and a verification string, for example 
(see column 3, line 63 through column 4, line 8; column 5, lines 5-40; and column 7, lines 26- 
45). 

As per claims 124, 144, and 161, Bhagwat et aL discloses the limitation of further 
comprising: terminating the first connection and the second connection, for example (see column 
12, lines 25-37 and column 9, lines 55 et seq.). 

As per claims 125, 145, and 162, Bhagwat et aL discloses the limitation of wherein the 
relay program compares the first security token with one or more security tokens associated with 
one or more corresponding connections, for example (column 7, lines 10-55 and column 8, lines 
40 et seq. and column 4, lines 22-37 and column 12, line 33-55); in response to said comparing, 
if the first security token and a security token associated with a corresponding connection match, 
coupling the second connection to the connection associated with the matching security token, 
for example (see column 5, lines 5-20); and in response to said comparing, if none of the 
associated security tokens match the first security token, creating a socket associated with the 
second connection and the first security token, for example (column 7, lines 10-55 and column 8, 
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lines 40 et seq. and column 4, lines 22-37 and column 12, line 33-55). See also column 3, line 
63 through column 4, line 7). 

As per claims 126, 146, and 163, Bhagwat et al. discloses the limitation of wherein the 
connection associated with the matching security token is initiated by a second program, for 
example (see column 5, lines 5-20). 

As per claims 127, 147, and 164, Bhagwat et aL discloses the limitation of 
wherein the relay program relays data between the second connection and the connection 
associated with the matching security token, for example (see column 3, line 63 through column 
4, line 8; column 5, lines 5-40 and column 7, lines 26-45), 

Claim Rejections - 35 USC § 103 

8, The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject matter 
sought to be patented and the prior art are such that the subject matter as a whole would have 
been obvious at the time the invention was made to a person having ordinary skill in the art to 
which said subject matter pertains. Patentability shall not be negatived by the manner in which 
the invention was made. 
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8. 1 Claims 128-130 are rejected under 35 U.S.C. 103(a) as being unpatentable over US 
Patent 5,941,988 to Bhagwat et aL in view of US Patent 6,104,716 to Crichton et aL. 

8.2 Claim 128 contains the same limitations as claim 120 except for using a protocol 
daemon, which is disclosed by Bhagwat et aL. As per claims 128-130, Bhagwat et aL 
discloses the limitation of wherein wherein a protocol daemon program does creating a first 
connection to a first program, for example (see column 3, line 63 through column 4, line 8; 
column 5, lines 5-40 and column 7, lines 26-45); receiving a first security token from the first 
program; creating a second connection to a relay program; providing the first security token to 
the relay program, for example (see column 3, line 63 through column 4, line 8; column 5, lines 
5-40 and column 7, lines 26-45); and upon successful creation of the second connection, 
coupling the first connection to the second connection, for example (see column 3, line 63 
through column 4, line 8; column 5, lines 5-40; and column 7, lines 26-45). Bhagwat et aL does 
not explicitly disclose a protocol daemon providing the first security token to the relay program 
as Bhagwat et aL describes the invention with a single firewall and proxy. However, adding 
more firewalls and proxies does not depart from the spirit and scope of the invention, for 
example (see column 10, lines 45-63). Therefore it would have been obvious to one of ordinary 
skill in the art at the time the invention was made to modify the method of Bhagwat et aL to add 
another proxy as a relay program to perform the same function as taught by Bhagwat et aL in 
order to expand the system to multiple parties and connections. This design choice requires 
routine skill in the art, Crichton et aL in an analogous art teaches multiple proxies wherein one 
proxy can provide security token to another neighboring proxy as explained for example in 
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column 8 allowing a single tunnel to be constructed across multiple firewalls, for example (see 
columns 8-9); and further discloses wherein the protocol daemon program and the firewall 
program are resident on a single computer; wherein the protocol daemon program and the first 
program are resident on a single computer providing flexibility depending on resources 
available, for example (see column 9, lines 50-67). Therefore, it would have been obvious to one 
of ordinary skill in the art at the time the invention was made to modify the method of Bhagwat 
et aL to have a protocol daemon providing the first security token to the relay program allowing 
a single tunnel to be constructed across multiple firewalls, wherein the protocol daemon program 
and the firewall program are resident on a single computer; wherein the protocol daemon 
program and the first program are resident on a single computer providing flexibility depending 
on resources available as taught by Crichton et aL This modification would have been obvious 
because one skilled in the art would have been motivated by the suggestions provided by 
Crichton et aL so as to allow a single tunnel to be constructed across multiple firewalls and 
provide flexibility depending on resources available, for example (see column 8, lines 52-67 and 
column 9, lines 50-67). 

Conclusion 

9. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

a. US Patent 6,308,238 Smith et al 
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This patent pertains to comparing security token with associated security tokens to 
determine whether or not connection should be established. Many of the claimed features are 
disclosed in this reference. 

9. 1 Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Carl Colin whose telephone number is 703-305-0355. The 
examiner can normally be reached on Monday through Thursday and every other Friday, 8:00- 



If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 703-305-9648. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is 703-305-3900. 



6:30 PM. 



Carl Colin 




Patent Examiner 



September 2, 2004 
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